A new Cuckoo hatched his egg!

Overview

Cuckoo Sandbox is an Open Source automated dynamic malware analysis system designed to analyze and report on suspicious files.
Cuckoo started as a Google Summer of Code project in 2010 within The Honeynet Project. It was designed and developed by Claudio Guarnieri, who still maintains the project and leads its development efforts.

Cuckoo has been selected again this year for Google Summer of Code 2011 with The Honeynet Project, and with Dario Fernandes, who joined the team. The work done over the last months led to the release of version 0.2.

What's new in version 0.2?

Basically, Cuckoo has been completely rewritten since 0.1 and is now much more solid and easier to set up.
It has been refactored to be purely Python and to use our new hooking engine, cHook.

One of the most interesting aspects is the introduction of analysis packages.

These packages provide scripting capabilities to Cuckoo's analysis process: through three custom Python functions, users can now control code injection and process monitoring, customize the conditions that terminate the analysis, and execute any code before, during and after the analysis within the virtualized environment.

This feature allows users to adapt Cuckoo to their own needs in a clean and structured fashion and permits the creation of unique and unconventional use cases.